<?php
if(empty($_POST['formAction'])){
	$_GET['code'] = empty($_GET['code']) ? '' : trim($_GET['code']);
	try{
		$code = base64_decode($_GET['code']);
		$code = php_authcode($code, 'DECODE');
		$arr = unserialize($code);
		//$arr = unserialize(php_authcode(base64_decode($_GET['code']), 'DECODE'));
		if(!empty($arr)){
			$userinfo = $__oUser->get_by_userid($arr['userid'], '`userid`,`username`,`nickname`,`email`,`password_faq`,`password_ans`');
		}
	}catch(Exception $e){}

	if(empty($arr) || empty($userinfo) || $arr['email'] != $userinfo['email']){
		sysinfo(array(
			'ptitle'=> '账户验证',
			'title'	=> '账户验证失败',
			'btns'	=> array(
				'找回密码'	=> './index.php?mdl=findpwd&do=account',
				'用户登录'	=> './index.php?mdl=user&do=login',
			),
			'links'	=> array(
				'首页'	=> './',
				'用户注册'	=> './index.php?mdl=user&do=register',
			),
		));
	}
	$vars['userinfo'] = $userinfo;

	// 保存到SESSION
	set_session('resetpwd_username', $userinfo['username']);
}else{

	$username = get_session('resetpwd_username');
	if(empty($username)){
		ajax_msg('warning', '参数丢失', 'callback_findpwd_reset');
	}
	$password = empty($_POST['password']) ? '' : trim($_POST['password']);
	
	$r = $__oUser->reset_password($username, $password);
	if($r['result'] == 'succ'){
		del_session('resetpwd_username');
		ajax_msg('succ', '', 'callback_findpwd_reset', $r['data']['synjs']);
	}
	ajax_msg($r['result'], $r['rmsg'], 'callback_findpwd_reset');

}
?>